<?php /*
Copyright 2005 Dan Boitnott (dboitnot@fastmail.fm)

This file is part of phpTasks.

phpTasks is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

phpTasks is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with phpTasks; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/ ?>
<?php require("common.php"); ?>
<?php

if (is_null($CONFIG['file_store'])) {
  echo "Attachments are not supported on this server.";
  exit;
}

if (!is_numeric($HTTP_VARS["taskid"])) {
  echo ("Invalid taskid!");
  exit;
} else {
  $taskid = $HTTP_VARS["taskid"];
}

if ($r = fetchrow($conn, "tasks", "taskid=" . $taskid)) {
  if ((!$USER["modifytasks"]) || ((!$USER["viewalltasks"]) && ($r["assigned_to"] <> $USER["userid"]) && ($r["assigned_by"] <> $USER["userid"]))) {
    echo ("You are not authorized to attach files to this task.");
    exit;
  }
} else {
  echo ("Invalid taskid!");
  exit;
}

switch ($HTTP_VARS['action']) {
 case "Cancel":
   redirect("taskedit.php?taskid=$taskid");
   break;
 case "Upload":
   $dpath = $CONFIG['file_store'] . "/$taskid";
   if (!is_dir($dpath)) {
     mkdir($dpath);
   }
   if ($_FILES["up_file"]["name"] == "RCS") {
     echo "Invalid file name.";
     exit;
   }
   $dpath = "$dpath/" . $_FILES["up_file"]["name"];
   if (move_uploaded_file($_FILES["up_file"]["tmp_name"], $dpath)) {
     if (!is_dir($CONFIG['file_store'] . "/$taskid/RCS")) {
       mkdir($CONFIG['file_store'] . "/$taskid/RCS");
     }
     $tmpf = tempnam("/tmp", "rcsentry");
     $fp = fopen($tmpf, "w");
     fwrite($fp, $HTTP_VARS['desc']);
     fclose($fp);
     
     $cmd = "ci -t$tmpf -mAuto -f " . escapeshellarg($dpath);
     shell_exec($cmd);
     unlink($tmpf);
     $cmd = "co -l " . escapeshellarg($dpath);
     shell_exec($cmd);
     redirect("taskedit.php?taskid=$taskid");
   } else {
     echo "File upload failed.";
     exit;
   }
}

std_header("Upload");
?>
<form enctype="multipart/form-data" method="POST" action="upload.php">
<input type="hidden" name="taskid" value="<?=$taskid?>"/>
<table border="0" align="center">
<tr>
<td colspan="2"><h3>Choose a file to upload...</h3></td>
</tr><tr>
<td class='form_label'>File:</td>
<td class='form_field'><input type='file' name='up_file'/></td>
</tr><tr>
<td class='form_label'>Description:</td>
<td class='form_field'><input type='text' name='desc'/></td>
</tr><tr>
<td></td>
<td class='form_field'>
  <input type='submit' name='action' value='Upload'/>
  <input type='submit' name='action' value='Cancel'/>
</td>
</tr>
</table>
<?php std_footer(); ?>
